Import root Certificate Authority to Nokia N70 Mobile Phone

Upon connecting to an untrusted SSL resource, the device will inform me that the SSL certificate which is automatically sent by the server is untrusted. For example when synchronizing the device with my SyncML server over an HTTPS URL, my Nokia N70 reports an untrusted SSL certificate at each connection.

I don't want to have to confirm the trust at each connection, so I set about to get my Certificate Authority's root certificate into the phone.

Knowing a bit about the topic, I imagined the Series 60 phone would prefer a DER-formatted certificate to a PEM-formatted one, so I converted by PEM certificate (often stored as a .crt or .pem file) into a DER format (often such files are named .der, or in the Microsoft world, .cer). I guessed it would be .cer, and it turned out my hunch was correct.

The conversion is simple if access to the OpenSSL tool chain is available:

$ openssl x509 -in jpmensca.crt -out jpmensca.cer -outform DER

This file I then transmitted via BlueTooth to the mobile device. Your mileage will vary here of course, but from my Windows notebook I used file transfer to do it. I simply dropped the jpmensca.cer file onto the OBEX file transfer folder. My device told me I had a message waiting for me,

and I then opened the message to find a message from the BlueTooth stack containing the attachment jpmens.cer file. As soon as it is opened, the mobile phone recognizes that it is a certificate and offers to import it.

After acknowledging that the new certificate might be insecure, I saved anyway and gave it a label with which to later identify it, then specifying the trust options for the certificate:

The certificate is then saved in the phone's certificate store.

To later view details of the certificate, revoke trust, or even delete the certificate, I use the security settings utility to access Certificate management which lists all the trusted certificates, and I can open mine of course.

Now I can connect to an HTTPS resource which is protected by SSL/TLS certificates I have issued myself.

Entry posted on January 13th, 2007 at 4:05 PM in Hardware, Internet, Mobile, Security, SyncML.

Related Posts

Importing an SSL Cert into SAP, Nokia N70, Firmware Update for Nokia Mobile Phones, The Postman Rang Once and CAcert Certificates

Comments (4) left to “Import root Certificate Authority to Nokia N70 Mobile Phone”

  1. Fabio Invernizzi » Certificati SSL su E61 (symbian) wrote on 02-Jul-07 at 10:13 am

    [...] (Qui qualche screenshot della procedura di import via bluetooth su un N70) Tags:none – [...]

  2. Peter Lindeman wrote on 14-Jul-07 at 1:32 am

    Very nice description, I was allready long looking for this, never could imagine it was so simple ;-)

    Thanks

  3. Certificados SSL en Nokia N70 (Symbian S60 2nd edition) « El Abismo de los Jadarios wrote on 15-Feb-08 at 1:49 am

    [...] sin que te diga cada vez que abres que el certificado es inseguro. La fuente de inspiración es este artículo en inglés donde hace esto mismo para su cuenta y un N70. Y esto es una buena referencia del comando openssl [...]

  4. Nsrmgr ty wrote on 01-Jul-08 at 8:32 am

    From where to download this very certificate?

Post a Comment

*Required Full name
*Required (Never published)
 
« 800
Mitchell Plateau. Helicopter view »
Home